package login;

import gnu.crypto.util.Base64;
import login.ops.PKCS7SignatureOps;
import login.ops.SignatureContainerOps;
import login.ops.SignatureOps;
import org.apache.log4j.PropertyConfigurator;
import org.slf4j.LoggerFactory;
import tr.gov.tubitak.uekae.esya.api.common.ESYAException;
import tr.gov.tubitak.uekae.esya.api.common.util.LicenseUtil;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.FileInputStream;
import java.io.IOException;

/**
 * Validation servlet for signatures created while logging in
 *
 * @author suleyman.uslu
 */
public class LoginValidation extends HttpServlet {

    private static org.slf4j.Logger msLogger = LoggerFactory.getLogger(LoginValidation.class);

    static {
        PropertyConfigurator.configure(Util.log4jPath);
    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        String signatureString64 = request.getParameter("signature64");

        try {
            LicenseUtil.setLicenseXml(new FileInputStream(Util.licensePath));
            msLogger.debug("License is set : " + Util.licensePath);
        } catch (ESYAException e) {
            e.printStackTrace();
        }

        try
        {
            byte[] signatureBytes = Base64.decode(signatureString64);

            String signature = new String(signatureBytes);
            msLogger.debug("Signature" + signature);

            SignatureOps signatureOps = null;
            boolean isValid = false;
            String username = "";

            // create operation object for correct type of signature
            switch(Util.signatureType) {
                //case XAdES : signatureOps = new XmlSignatureOps(signatureBytes);    break;
                //case CAdES : signatureOps = new CmsSignatureOps(signatureBytes);    break;
                case Container : signatureOps = new SignatureContainerOps(signatureBytes);  break;
                case PKCS7 : signatureOps = new PKCS7SignatureOps(signatureBytes);    break;
            }

            // validate signature
            isValid = signatureOps.verify();
            username = signatureOps.getSignerName();

            HttpSession session = request.getSession();

            if(isValid) {

                msLogger.debug("signature verified");

                User user = new User();
                user.setUsername(username);
                user.setLoggedIn(true);
                session.setAttribute("user", user);

                //session.setAttribute("LOGIN", "true");
                //session.setAttribute("USERNAME", username);

                request.getRequestDispatcher("home.jsp").forward(request,response);
            }
            else {

                msLogger.debug("signature NOT verified!");

                User user = new User();
                user.setMessage("Access NOT granted!");
                session.setAttribute("user", user);

                //session.setAttribute("ERROR", "Access NOT granted!");

                request.getRequestDispatcher("login.jsp").forward(request,response);
            }
        }
        catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

    }
}
